Guest essay by Eric Worrall
News in Australia this week, the Chinese government has been accused of hacking the computers of Australia’s Bureau of Meteorology, with claims that the source of the hack has been tracked to a Chinese Army building in Shanghai. The Chinese government has strongly denied responsibility for the cyber attack.
According to the Australian ABC;
China is being blamed for a major cyber attack on the computers at the Bureau of Meteorology, which has compromised sensitive systems across the Federal Government.
Key points:
ABC told there is little doubt the “massive” breach came from China Motivation for attack could be commercial, strategic or both
Bureau provides critical information to a host of agencies, including link to Defence Department Could “take years and cost hundreds of millions of dollars to fix”
Multiple official sources have confirmed the recent attack, and the ABC has been told it will cost millions of dollars to plug the security breach, as other agencies have also been affected.
The bureau owns one of Australia’s largest supercomputers and provides critical information to a host of agencies.
Its systems straddle the nation, including one link into the Department of Defence at Russell Offices in Canberra.
Cyber attacks on government agencies are routine and the “adversaries” range from thrill-seeking hackers, through to criminals and foreign states.
But the ABC has been told this is a “massive” breach and one official said there was little doubt where it came from.
…
Beyond that, the bureau provides a gateway to other agencies.
“They’re looking for the weakest link and so if you go into an agency, which may have a level of security clearance, but perhaps not as high as central parts of the national security community, maybe there are weaknesses they can exploit which will enable them to then move into other, more highly-valued targets,” Mr Jennings said.
Read more: http://www.abc.net.au/news/2015-12-02/china-blamed-for-cyber-attack-on-bureau-of-meteorology/6993278
The fact that the hack has been traced to a Chinese army building doesn’t mean that the people in the building knew anything about the hack. Its common practice amongst hackers to use other computers as catspaws, as proxies for their attacks, as decoys to conceal the true source of the hack. To trace the hack further, Australian authorities would themselves have to attempt to hack the Chinese army, to see exactly what was happening to the computers which launched the attack – which would open a whole new can of worms.
Western governments, such as US federal agencies, have an atrocious track record for protecting systems from cyber infiltrators. There is evidence the Chinese government has major problems managing their computer infrastructure, with widespread disobedience to official policy directives. So it is entirely plausible that the Chinese government are victims of the hackers, rather than the perpetrators.
If the Chinese government were behind the attack, the assumption is that the Chinese government were trying to use the Bureau of Meteorology to attack other linked systems. It is reasonable to suggests the hackers were targeting a different agency – links between associated computer systems are often very insecure, cybersecurity people tend to secure the front door, but often leave the back doors hanging wide open (sometimes because nobody told them the links exist). Leapfrogging from one system into the heart of another system is a well known attack strategy.
But what if the Chinese government, or whoever was behind the hack, actually were just interested in the Australian Bureau of Meteorology? China might want to know what is really happening to global climate. One thing for sure, they would have a difficult time getting straight answers about Australian weather records via legitimate channels. Perhaps they just wanted to see the raw data, and the secret algorithms the BOM uses, to apply their highly questionable homogenisation adjustments.
Discover more from Watts Up With That?
Subscribe to get the latest posts sent to your email.
Well, as the CIA/NSA hacks all over the world, I’m sure they’ll hack some meteorology bureaux, if they think there’s actually anything worth hacking there.
The western media always make out that it’s the big bad enemy who do all the spying.
Truth? We do 95% of it…….
For those of you interested in how an attack like the one reported works, there was a very interesting report published by Mandiant in 2013. Mandiant are now part of Fireeye, and an IT Security specialist. Mandiant dubbed the attack APT1 (Advanced Persistent Threat 1). The report details the attack and has a good overview of the Chinese Army’s cyber capabilities, including its sheer scale. See http://intelreport.mandiant.com/ where the report can be downloaded.
Cleaning up after an APT-style intrusion is difficult and expensive. Simply restoring from last back up won’t work; you would have to go back to before the attack started (weeks; months, years of data loss?).
Who the hell would want to hack the BOM computers? There is nothing of interest there. I reckon it is an excuse for getting caught changing raw data.
so we spent 77 mil and the suplier the software dudes etc..and the govt person approving it
NONE of whom installed security enough?
heads SHOULD roll and someone be paying for it.
NOT the bloody taxpayers again
next week govvy auctions ad
PC going cheap..best offer over 50$
Let’s hope they release the data and E-mails concerning adjustments. The Chinese prefer a hack over FOI requests. Hacking results do not pass through filters. Another climategate type disclosure could really kill this climate religion. GK
Thanks, Eric Worrall. Perhaps China wants to see the raw data?
Hacker’s, regardless of their origin, sneak into computer systems for only two reasons: to take something away or to leave something behind. Given that the ABM system is primarily used for playing weather-related video games, the most marketable asset it would hold would be users’ personal data, including whatever is embedded in their emails.
I can’t imagine that Anonymous would care to tweak (and likely improve) their modelling software, and their databases have been pre-tweaked to the point of near-uselessness anyway..
There is no truth in the rumour that due to budget constraints the BOM has taken over the Defence Dept. Our military will of course retain the usual sections- infantry, armour, transport, catering, and of course, Intelligence- which, with the combined resources of BOM and Defence, will still be the smallest such unit in the world. 🙂